As an increasing number of applications and services are being made available over networks such as the Internet, an increasing number of content, application, and/or service providers are turning to technologies such as cloud computing. Cloud computing, in general, is an approach to providing access to electronic resources through services, such as Web services, where the hardware and/or software used to support those services is dynamically scalable to meet the needs of the services at any given time. A user or customer typically will rent, lease, or otherwise pay for access to resources through the cloud, and thus does not have to purchase and maintain the hardware and/or software needed.
In some cases, users may want special hardware or full access to specific resources. Such access comes with risks for providers of those resources, however, as in a cloud or other shared environment there typically will be other users sharing those resources at various times, and a modification of the resource by one user can potentially be detrimental to subsequent users. In cases where users have a virtual address space, such that the customer network functions as a single virtual network without the restrictions or additional addresses of one or more additional physical networks, it can be desirable to provide secure networking functionality such as packet encapsulation and firewalling to allow the user to utilize addresses in the virtual address space that can be mapped or directed to the appropriate physical resources. Often the encapsulation and other such processes are performed on the host, which in the case of full or “bare metal” access on a machine can potentially enable a user to modify the encapsulation, firewalling, and similar procedures to redirect packets and perform other such operations, which can be undesirable in many instances.